Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
npm Security Advisories
Loading...
Critical
Ecosystems: npm
Packages: node.extend
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI5NmMtNTdwZi05ampt
Prototype Pollution in node.extendEcosystems: npm
Packages: node.extend
Source: GitHub Advisory Database
Blast Radius: 45.6
Published: about 5 years ago
High
Ecosystems: npm
Packages: http-proxy
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl4dzktcHZndi02cDc2
Insufficient Error Handling in http-proxyEcosystems: npm
Packages: http-proxy
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 5 years ago
High
Ecosystems: npm
Packages: http-proxy
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZ4MzMtcHc3cC1obXBx
Denial of Service in http-proxyEcosystems: npm
Packages: http-proxy
Source: GitHub Advisory Database
Blast Radius: 45.5
Published: over 3 years ago
High
Ecosystems: npm
Packages: lodash-template, lodash.template, lodash-es, lodash
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM1amgtcjNoNC02amht
Command Injection in lodashEcosystems: npm
Packages: lodash-template, lodash.template, lodash-es, lodash
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZnNDctM2MyeC1tMndy
TimelockController vulnerability in OpenZeppelin ContractsEcosystems: npm
Packages: @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: over 2 years ago
High
Ecosystems: npm
Packages: y18n
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM0dzcteG03OC00N3Zo
Prototype Pollution in y18nEcosystems: npm
Packages: y18n
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: about 3 years ago
High
Ecosystems: npm
Packages: acorn
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZjaHctNmZyZy1mNzU5
Regular Expression Denial of Service in AcornEcosystems: npm
Packages: acorn
Source: GitHub Advisory Database
Blast Radius: 45.4
Published: about 4 years ago
High
Ecosystems: npm
Packages: codecov
Source: GitHub Advisory Database
Blast Radius: 45.2
Published: about 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTVxODgtY2pmcS1nMm1o
codecov NPM module allows remote attackers to execute arbitrary commandsEcosystems: npm
Packages: codecov
Source: GitHub Advisory Database
Blast Radius: 45.2
Published: about 4 years ago
High
Ecosystems: npm
Packages: codecov
Source: GitHub Advisory Database
Blast Radius: 45.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1taDJoLTZqOHEteDI0Ns4AAjZJ
Improper Neutralization of Special Elements in Output Used by a Downstream Component in CodecovEcosystems: npm
Packages: codecov
Source: GitHub Advisory Database
Blast Radius: 45.2
Published: almost 2 years ago
High
Ecosystems: npm
Packages: moment
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ0Nm0tbXY4Zi1xMzQ4
Regular Expression Denial of Service in momentEcosystems: npm
Packages: moment
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 6 years ago
High
Ecosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc4Y2otZnhwaC1tODNw
Regular Expression Denial of Service (ReDoS) in ua-parser-jsEcosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
High
Ecosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: over 1 year ago
GSA_kwCzR0hTQS1maGc3LW04OXEtMjVyM84AAxIw
ReDoS Vulnerability in ua-parser-js versionEcosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: over 1 year ago
High
Ecosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTM5NGMtNWo2dy00eG14
ua-parser-js Regular Expression Denial of Service vulnerabilityEcosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: about 2 years ago
High
Ecosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY2MngtZmhxZy05cDh2
Regular Expression Denial of Service in ua-parser-jsEcosystems: npm
Packages: ua-parser-js
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 3 years ago
High
Ecosystems: npm
Packages: scss-tokenizer
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03bXdoLTRwcXYtd21yOM4AAtEk
Regular expression denial of service in scss-tokenizerEcosystems: npm
Packages: scss-tokenizer
Source: GitHub Advisory Database
Blast Radius: 45.0
Published: almost 2 years ago
High
Ecosystems: npm
Packages: fstream
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhmN3ctcjQ1My1tNTZj
Arbitrary File Overwrite in fstreamEcosystems: npm
Packages: fstream
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: almost 5 years ago
High
Ecosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: almost 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZoN20tcDcyNC02MmMy
Signature Malleabillity in ellipticEcosystems: npm
Packages: elliptic
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: almost 4 years ago
High
Ecosystems: npm
Packages: ssri
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4M3AtOTQ4Zy02dmhx
Regular Expression Denial of Service (ReDoS)Ecosystems: npm
Packages: ssri
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: about 3 years ago
High
Ecosystems: npm
Packages: object-path
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
GSA_kwCzR0hTQS04djYzLWNxcWMtNnIyY80V4w
Prototype Pollution in object-pathEcosystems: npm
Packages: object-path
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 2 years ago
High
Ecosystems: npm
Packages: decode-uri-component
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 1 year ago
GSA_kwCzR0hTQS13NTczLTRoZzctN3dncc4AAwD1
decode-uri-component vulnerable to Denial of Service (DoS)Ecosystems: npm
Packages: decode-uri-component
Source: GitHub Advisory Database
Blast Radius: 44.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: http-signature
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEyNTctdnY0cC1mZzky
Header Forgery in http-signatureEcosystems: npm
Packages: http-signature
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: over 5 years ago
High
Ecosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTV2NzIteGc0OC01cnBt
Denial of Service in wsEcosystems: npm
Packages: ws
Source: GitHub Advisory Database
Blast Radius: 44.7
Published: almost 5 years ago
High
Ecosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: 12 months ago
GSA_kwCzR0hTQS1jcW1qLTkyeGYtcjZyOc4AAzcU
Insufficient validation when decoding a Socket.IO packetEcosystems: npm
Packages: socket.io-parser
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: 12 months ago
High
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0MnAtcGc4bS1jcWg2
Prototype Pollution in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: almost 5 years ago
High
Ecosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJjZjUtNHc3Ni1yOXF2
Arbitrary Code Execution in handlebarsEcosystems: npm
Packages: handlebars
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 3 years ago
Critical
Ecosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 2 years ago
GSA_kwCzR0hTQS01dnAzLXY0aGMtZ3g3Ns0VxA
UUPSUpgradeable vulnerability in @openzeppelin/contractsEcosystems: npm
Packages: @openzeppelin/contracts-upgradeable, @openzeppelin/contracts
Source: GitHub Advisory Database
Blast Radius: 44.5
Published: over 2 years ago
High
Ecosystems: npm
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 44.2
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0NjItcTd4Ny1nMng0
js-bson vulnerable to REDoSEcosystems: npm
Packages: bson
Source: GitHub Advisory Database
Blast Radius: 44.2
Published: over 5 years ago
High
Ecosystems: npm, rubygems
Packages: stimulus_reflex
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: about 2 months ago
GSA_kwCzR0hTQS1mNzhqLTR3M2ctNHE2Nc4AA56t
StimulusReflex arbitrary method callEcosystems: npm, rubygems
Packages: stimulus_reflex
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: about 2 months ago
Critical
Ecosystems: npm
Packages: mockery
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 1 year ago
GSA_kwCzR0hTQS1nbXdwLTNwd2MtM2ozZ84AAvS-
mockery is vulnerable to prototype pollutionEcosystems: npm
Packages: mockery
Source: GitHub Advisory Database
Blast Radius: 43.9
Published: over 1 year ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXcyMjItNTNjNi1jODZw
Remote Code Execution in electronEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: over 6 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: about 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZqcXItZngzZi1nNHJ2
Electron protocol handler browser vulnerable to Command InjectionEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: about 6 years ago
High
Ecosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: 7 months ago
GSA_kwCzR0hTQS1xcXZxLTZ4Z2otanc4Z84AA2IC
Electron affected by libvpx's heap buffer overflow in vp8 encodingEcosystems: npm
Packages: electron
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: 7 months ago
Critical
Ecosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: almost 2 years ago
GSA_kwCzR0hTQS1oMnAzLWg0OGgtOWpqN84AAR2Q
PIDUsage Enables OS Command InjectionEcosystems: npm
Packages: pidusage
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: almost 2 years ago
High
Ecosystems: npm
Packages: mpath
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0NjYtajMzNi03NHd4
Prototype Pollution in mpathEcosystems: npm
Packages: mpath
Source: GitHub Advisory Database
Blast Radius: 43.7
Published: about 5 years ago
Critical
Ecosystems: npm
Packages: deeply
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThqNHctNWZ3NC1ybTI3
Prototype Pollution in deeplyEcosystems: npm
Packages: deeply
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: over 4 years ago
High
Ecosystems: npm
Packages: browserify-sign
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: 6 months ago
GSA_kwCzR0hTQS14OXc1LXYzcTItM3Jod84AA2uZ
browserify-sign upper bound check issue in `dsaVerify` leads to a signature forgery attackEcosystems: npm
Packages: browserify-sign
Source: GitHub Advisory Database
Blast Radius: 43.6
Published: 6 months ago
Moderate
Ecosystems: npm
Packages: uri-js
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTMzM3ctcnhqMy1mNTVy
Regular Expression Denial Of Service in uri-jsEcosystems: npm
Packages: uri-js
Source: GitHub Advisory Database
Blast Radius: 43.4
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTl3Y2ctanJ3Zi04Z2c3
Prototype Pollution in express-fileuploadEcosystems: npm
Packages: express-fileupload
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: over 3 years ago
High
Ecosystems: npm
Packages: file-type
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1taHhqLTg1cjMtMng1Nc4AAtkt
file-type vulnerable to Infinite Loop via malformed MKV fileEcosystems: npm
Packages: file-type
Source: GitHub Advisory Database
Blast Radius: 43.3
Published: almost 2 years ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: over 2 years ago
GSA_kwCzR0hTQS01aDlnLXg1cnYtMjV3Z80WrQ
Cross-site scripting vulnerability in TinyMCEEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: over 2 years ago
Moderate
Ecosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 6 months ago
GSA_kwCzR0hTQS12NjI2LXI3NzQtajdmOM4AA3Mj
TinyMCE vulnerable to mutation Cross-site Scripting via special characters in unescaped text nodesEcosystems: nuget, packagist, npm
Packages: TinyMCE, tinymce/tinymce, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 6 months ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 7 months ago
GSA_kwCzR0hTQS12NjVyLXAzdnYtampmds4AA2kF
TinyMCE mXSS vulnerability in undo/redo, getContent API, resetContent API, and Autosave pluginEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 7 months ago
Moderate
Ecosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 7 months ago
GSA_kwCzR0hTQS1oZ3F4LXIyaHAtanIzOM4AA2kG
TinyMCE XSS vulnerability in notificationManager.open APIEcosystems: packagist, nuget, npm
Packages: tinymce/tinymce, TinyMCE, tinymce
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: 7 months ago
High
Ecosystems: npm
Packages: hawk
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWpjcHYtZzlyci1xeHJj
Regular Expression Denial of Service in hawkEcosystems: npm
Packages: hawk
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 6 years ago
High
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1wZjI3LTkyOWotOXBtbc4AAl2N
Out-of-bounds Read and Out-of-bounds Write in Facebook HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 2 years ago
High
Ecosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 2 years ago
GSA_kwCzR0hTQS1nbXBtLXhwNDMtZjdnNs4AAl2T
Signed to Unsigned Conversion Error in Facebook HermesEcosystems: npm
Packages: hermes-engine
Source: GitHub Advisory Database
Blast Radius: 43.2
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: remark-html
Source: GitHub Advisory Database
Blast Radius: 43.1
Published: over 2 years ago
GSA_kwCzR0hTQS05cTV3LTc5Y3YtOTQ3bc0Vog
Unsafe defaults in `remark-html`Ecosystems: npm
Packages: remark-html
Source: GitHub Advisory Database
Blast Radius: 43.1
Published: over 2 years ago
High
Ecosystems: npm
Packages: merge
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY5Y20tcW14NS1tOTho
Prototype Pollution in mergeEcosystems: npm
Packages: merge
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 5 years ago
High
Ecosystems: npm
Packages: colors
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 2 years ago
GSA_kwCzR0hTQS1naDg4LTNweHAtNmZtOM0jtg
Infinite Loop in colors.jsEcosystems: npm
Packages: colors
Source: GitHub Advisory Database
Blast Radius: 43.0
Published: over 2 years ago
High
Ecosystems: npm
Packages: json5
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: over 1 year ago
GSA_kwCzR0hTQS05YzQ3LW02cXEtN3A0aM4AAwpn
Prototype Pollution in JSON5 via Parse MethodEcosystems: npm
Packages: json5
Source: GitHub Advisory Database
Blast Radius: 42.8
Published: over 1 year ago
High
Ecosystems: npm
Packages: dot
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 2 years ago
GSA_kwCzR0hTQS0yOTd4LTh4ajQtdmN4ds4AAj6G
Improper Control of Generation of Code in doTEcosystems: npm
Packages: dot
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 2 years ago
High
Ecosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1dzYtcjdyZy1tY2dx
Regular Expression Denial of Service in validatorEcosystems: npm
Packages: validator
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: over 3 years ago
High
Ecosystems: maven, npm
Packages: org.webjars.npm:dicer, dicer
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 2 years ago
GSA_kwCzR0hTQS13bTdoLTkyNzUtNDZ2Ms4AAgbn
Crash in HeaderParser in dicerEcosystems: maven, npm
Packages: org.webjars.npm:dicer, dicer
Source: GitHub Advisory Database
Blast Radius: 42.7
Published: almost 2 years ago
High
Ecosystems: npm
Packages: hawk
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
GSA_kwCzR0hTQS00NHB3LWgyY3ctdzN2cc4AAgdL
Uncontrolled Resource Consumption in HawkEcosystems: npm
Packages: hawk
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: almost 2 years ago
High
Ecosystems: npm
Packages: express-handlebars
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZyNzYtMndwOC1mcDky
Insecure template handling in Express-handlebarsEcosystems: npm
Packages: express-handlebars
Source: GitHub Advisory Database
Blast Radius: 42.6
Published: about 2 years ago
High
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 2 years ago
GSA_kwCzR0hTQS01djJoLXIyY3gtNXhnas0jVA
Inefficient Regular Expression Complexity in markedEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 2 years ago
High
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 2 years ago
GSA_kwCzR0hTQS1ycnJtLXFqbTQtdjhoZs0jUw
Inefficient Regular Expression Complexity in markedEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 2 years ago
High
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhqY3AtajM4OS01OWZm
Regular Expression Denial of Service in markedEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 6 years ago
High
Ecosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg1cGctODh3Zi1xcTRw
Regular Expression Denial of Service in markedEcosystems: npm
Packages: marked
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 6 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzeDQtd3I0aC1wdzMz
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWhnY2gtamptci1ncDd3
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 4 years ago
Critical
Ecosystems: npm
Packages: dset
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 2 years ago
GSA_kwCzR0hTQS1xNHhjLTdjdzgtY2dmas4AAnA8
dset vulnerable to prototype pollutionEcosystems: npm
Packages: dset
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: almost 2 years ago
High
Ecosystems: npm
Packages: jszip
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 1 year ago
GSA_kwCzR0hTQS0zNmZoLTg0ajctY3Y1aM4AAxPh
JSZip contains Path Traversal via loadAsyncEcosystems: npm
Packages: jszip
Source: GitHub Advisory Database
Blast Radius: 42.5
Published: over 1 year ago
High
Ecosystems: npm
Packages: degenerator, pac-resolver
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlqNDktbWZ2cC12bWht
Code Injection in pac-resolverEcosystems: npm
Packages: degenerator, pac-resolver
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: over 2 years ago
High
Ecosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: over 2 years ago
GSA_kwCzR0hTQS1jcGg1LW04ZjctNmM1eM0VhQ
axios Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: over 2 years ago
High
Ecosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: almost 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQyeHctMnh2Yy1xeDht
Denial of Service in axiosEcosystems: npm
Packages: axios
Source: GitHub Advisory Database
Blast Radius: 42.4
Published: almost 5 years ago
Critical
Ecosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
GSA_kwCzR0hTQS1ncDJqLW1nNHctMnJoNc4AAkmW
chrome-launcher subject to OS Command InjectionEcosystems: npm
Packages: chrome-launcher
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: almost 2 years ago
Critical
Ecosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
GSA_kwCzR0hTQS12cGY1LTgyYzgtOXYzNs0XwA
Prototype Pollution in algoliasearch-helperEcosystems: npm
Packages: algoliasearch-helper
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: over 2 years ago
Moderate
Ecosystems: npm
Packages: tar, node-tar
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: about 1 month ago
GSA_kwCzR0hTQS1mNXgzLTMyZzYteHEzNs4AA6O0
Denial of service while parsing a tar file due to lack of folders count validationEcosystems: npm
Packages: tar, node-tar
Source: GitHub Advisory Database
Blast Radius: 42.3
Published: about 1 month ago
High
Ecosystems: npm
Packages: tar-fs
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 5 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXgybWMtOGZnai0zd21y
Improper Input Validation in tar-fsEcosystems: npm
Packages: tar-fs
Source: GitHub Advisory Database
Blast Radius: 42.1
Published: about 5 years ago
Moderate
Ecosystems: npm
Packages: react
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc1M3ctNTJ4Yy0yajg1
Cross-Site Scripting in reactEcosystems: npm
Packages: react
Source: GitHub Advisory Database
Blast Radius: 41.9
Published: over 3 years ago
High
Ecosystems: npm
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: about 1 year ago
GSA_kwCzR0hTQS1qcXY1LTd4cHgtcWo3NM4AAyEw
sqlite vulnerable to code execution due to Object coercionEcosystems: npm
Packages: sqlite3
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: about 1 year ago
High
Ecosystems: npm
Packages: semver-regex
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: over 2 years ago
GSA_kwCzR0hTQS00NGM2LTR2MjItNG1oeM0VyQ
semver-regex Regular Expression Denial of Service (ReDOS)Ecosystems: npm
Packages: semver-regex
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: over 2 years ago
High
Ecosystems: npm
Packages: protobufjs
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: almost 2 years ago
GSA_kwCzR0hTQS1nOTU0LTVod3AtcHAyNM4AArQX
Prototype Pollution in protobufjsEcosystems: npm
Packages: protobufjs
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: almost 2 years ago
High
Ecosystems: npm
Packages: merge
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: about 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTd3cHctMmhqbS04OWdw
Prototype Pollution in mergeEcosystems: npm
Packages: merge
Source: GitHub Advisory Database
Blast Radius: 41.8
Published: about 3 years ago
High
Ecosystems: npm
Packages: is-my-json-valid
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWY1MjItZmZnOC1qOHI2
Regular Expression Denial of Service in is-my-json-validEcosystems: npm
Packages: is-my-json-valid
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 6 years ago
High
Ecosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: 4 months ago
GSA_kwCzR0hTQS1jMjR2LThyZmMtdzh2d84AA4lu
Vite dev server option `server.fs.deny` can be bypassed when hosted on case-insensitive filesystemEcosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: 4 months ago
High
Ecosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: 11 months ago
GSA_kwCzR0hTQS0zNTNmLTV4ZjQtcXc2N84AAzpR
Vite Server Options (server.fs.deny) can be bypassed using double forward-slash (//)Ecosystems: npm
Packages: vite
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: 11 months ago
Moderate
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: about 2 years ago
GSA_kwCzR0hTQS1qZjVyLThobTItZjg3Ms0uHQ
url-parse incorrectly parses hostname / protocol due to unstripped leading control characters.Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: about 2 years ago
Moderate
Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: about 2 years ago
GSA_kwCzR0hTQS04djM4LXB3NjItOWN3Ms0s1g
url-parse Incorrectly parses URLs that include an '@'Ecosystems: npm
Packages: url-parse
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: about 2 years ago
High
Ecosystems: npm
Packages: react-native
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmNTMtZm1tdi1tZmp2
Regular expression denial of service in react-nativeEcosystems: npm
Packages: react-native
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: almost 3 years ago
Critical
Ecosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 4 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2M3gteGM5ai1oaHZx
Sandbox Breakout / Arbitrary Code Execution in safer-evalEcosystems: npm
Packages: safer-eval
Source: GitHub Advisory Database
Blast Radius: 41.7
Published: over 4 years ago
High
Ecosystems: npm
Packages: grunt
Source: GitHub Advisory Database
Blast Radius: 41.6
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW01cGotdmpqZi00bTNo
Arbitrary Code Execution in gruntEcosystems: npm
Packages: grunt
Source: GitHub Advisory Database
Blast Radius: 41.6
Published: almost 3 years ago
High
Ecosystems: npm
Packages: semantic-release
Source: GitHub Advisory Database
Blast Radius: 41.6
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIyajYtcDY3aC1xNjM5
Secret disclosure when containing characters that become URI encodedEcosystems: npm
Packages: semantic-release
Source: GitHub Advisory Database
Blast Radius: 41.6
Published: over 3 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 2 years ago
GSA_kwCzR0hTQS0yNW1wLWc2ZnYtbXF4eM0ZPg
Unexpected server crash in Next.js.Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 2 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTlncjMtNzg5Ny1wcDdt
XSS in Image Optimization API for Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 2 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTNmNWMtNHF4ai12bXBm
Next.js Directory Traversal VulnerabilityEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 6 years ago
High
Ecosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zNHgtd2dyaC1nODk3
Directory traversal vulnerability in Next.jsEcosystems: npm
Packages: next
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 6 years ago
High
Ecosystems: npm
Packages: simple-get
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 2 years ago
GSA_kwCzR0hTQS13cGc3LTJjODgtcjh4ds0m1w
Exposure of Sensitive Information in simple-getEcosystems: npm
Packages: simple-get
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: over 2 years ago
High
Ecosystems: npm
Packages: trim
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc1cDctaDV3OC0yaGZx
Regular Expression Denial of Service in trimEcosystems: npm
Packages: trim
Source: GitHub Advisory Database
Blast Radius: 41.5
Published: almost 3 years ago
High
Ecosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: almost 2 years ago
GSA_kwCzR0hTQS1mODI1LWY5OGMtZ2ozZ84AAtty
automattic/mongoose vulnerable to Prototype pollution via Schema.pathEcosystems: npm
Packages: mongoose
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: almost 2 years ago
High
Ecosystems: npm
Packages: method-override
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: almost 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXF4MmYtNDc3Yy0zNXJx
method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override headerEcosystems: npm
Packages: method-override
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: almost 6 years ago
High
Ecosystems: npm
Packages: is-url
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: about 1 year ago
GSA_kwCzR0hTQS1wOXc4LTJtcHEtNDloOc4AAxaw
is-url Inefficient Regular Expression Complexity vulnerabilityEcosystems: npm
Packages: is-url
Source: GitHub Advisory Database
Blast Radius: 41.4
Published: about 1 year ago
High
Ecosystems: npm
Packages: get-func-name
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: 7 months ago
GSA_kwCzR0hTQS00cTZwLXI2djItanZjNc4AA2HC
Chaijs/get-func-name vulnerable to ReDoSEcosystems: npm
Packages: get-func-name
Source: GitHub Advisory Database
Blast Radius: 41.3
Published: 7 months ago
Critical
Ecosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 41.2
Published: 8 months ago
GSA_kwCzR0hTQS1neDZyLXFjMnYtM3Azds4AA1_3
systeminformation SSID Command Injection VulnerabilityEcosystems: npm
Packages: systeminformation
Source: GitHub Advisory Database
Blast Radius: 41.2
Published: 8 months ago
Critical
Ecosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZ4NWMtODdxeC1jdjZj
Arbitrary Code Execution in mathjsEcosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
Critical
Ecosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXB2OHgtcDlocS1qMzI4
Arbitrary Code Execution in mathjsEcosystems: npm
Packages: mathjs
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: over 6 years ago
High
Ecosystems: npm
Packages: grunt
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1ybTM2LTk0ZzgtODM1cs3k_w
Race Condition in GruntEcosystems: npm
Packages: grunt
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: almost 2 years ago
Moderate
Ecosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: about 2 months ago
GSA_kwCzR0hTQS1jeGpoLXBxd3AtOG1mcM4AA6AJ
follow-redirects' Proxy-Authorization header kept across hostsEcosystems: npm
Packages: follow-redirects
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: about 2 months ago
High
Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: 6 months ago
GSA_kwCzR0hTQS01NHhxLWNncXItcnBtM84AA3N1
sharp vulnerability in libwebp dependency CVE-2023-4863Ecosystems: npm
Packages: sharp
Source: GitHub Advisory Database
Blast Radius: 41.0
Published: 6 months ago
Statistics
Advisories: 18,372
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Packages: 8,294
Repositories: 1,394
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
parse-server
29
electron
26
@openzeppelin/contracts-upgradeable
21
@openzeppelin/contracts
20
directus
16
sequelize
16
ghost
14
tinymce
14
swagger-ui
14
next
13
joplin
13
strapi
13
ckeditor4
13
vm2
12
undici
12
handlebars
11
nodebb
11
angular
11
marked
11
@evershop/evershop
9
serve
9
tinymce/tinymce
9
TinyMCE
9
jquery
9
next-auth
9
org.webjars.npm:jquery
9
jquery-rails
9
matrix-js-sdk
8
tar
8
node-forge
8
systeminformation
8
steal
8
npm
8
jQuery
8
@strapi/strapi
8
bootstrap
8
validator
8
urijs
8
express-cart
8
editor.md
8
jsrsasign
8
url-parse
8
jquery-ui-rails
7
org.webjars.npm:jquery-ui
7
jQuery.UI.Combined
7
shescape
7
sanitize-html
7
matrix-appservice-irc
7
hapi
7
jquery-ui
7
nocodb
7
lodash
7
uptime-kuma
7
total.js
7
matrix-react-sdk
7
hermes-engine
7
snyk-broker
7
parse-url
6
safe-eval
6
rsshub
6
aaptjs
6
ua-parser-js
5
rendertron
5
vditor
5
keystone
5
sweetalert2
5
prismjs
5
dojo
5
openpgp
5
ejs
5
yarn
5
mongoose
5
public
5
xlsx
5
total4
5
vite
5
lodash-es
5
@strapi/plugin-users-permissions
5
mongo-express
4
vega
4
valine
4
glance
4
moment
4
apostrophe
4
dompurify
4
safer-eval
4
@keystone-6/core
4
@backstage/plugin-scaffolder-backend
4
meshcentral
4
simple-markdown
4
axios
4
hummus
4
muhammara
4
remarkable
4
katex
4
jsonwebtoken
4
qs
4
follow-redirects
4
ws
4
engine.io
4
materialize-css
4
convert-svg-core
4
apollo-server-core
4
realms-shim
4
fastify
4
ecstatic
4
auth0-lock
4
auth0-js
4
simple-git
4
mysql2
4
awsiotsdk
4
aws-iot-device-sdk-v2
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
generator-jhipster
4
mermaid
4
@strapi/utils
3
typeorm
3
keycloak-connect
3
xmldom
3
locutus
3
m-server
3
apollo-server
3
@cubejs-backend/api-gateway
3
code-server
3
@sequelize/core
3
nodemailer
3
mysql
3
postcss
3
wrangler
3
node-opcua
3
slp-validate
3
feathers-sequelize
3
jspdf
3
dns-sync
3
org.webjars.npm:xlsx
3
node-red-dashboard
3
mathjs
3
grunt
3
passport-wsfed-saml2
3
codecov
3
jointjs
3
node-jose
3
node-ipc
3
js-yaml
3
loader-utils
3
@backstage/techdocs-common
3
jquery-validation
3
n8n
3
object-path
3
protobufjs
3
http-live-simulator
3
notevil
3
ses
3
uap-core
3
socket.io-parser
3
froala-editor
3
docsify
3
tough-cookie
3
raneto
3
jose-node-cjs-runtime
3
jose-node-esm-runtime
3
ids-enterprise
3
@materializecss/materialize
3
libxmljs
3
sails
3
parsel
3
@uppy/companion
3
@ckeditor/ckeditor5-markdown-gfm
3
nadesiko3
3
convict
3
bootstrap
3
dojox
3
blamer
3
simplehttpserver
3
buttle
3
slpjs
3
@commercial/subtext
3
serialize-to-js
3
lodash.defaultsdeep
3
browserify-shim
3
fast-xml-parser
3
socket.io-file
3
@vrite/sdk
3
jose
3
snyk
3
connect
3
mixme
3
@soketi/soketi
3
json-ptr
3
localhost-now
3
openmct
3
highcharts
3
@sveltejs/kit
3
fuxa-server
3
ftp-srv
3
xdLocalStorage
3
bin-links
3
node-fetch
3
@apollo/server
3
subtext
3
Filter by Repository
https://github.com/parse-community/parse-server
29
https://github.com/electron/electron
25
https://github.com/strapi/strapi
21
https://github.com/OpenZeppelin/openzeppelin-contracts
20
https://github.com/sequelize/sequelize
16
https://github.com/directus/directus
15
https://github.com/tinymce/tinymce
14
https://github.com/swagger-api/swagger-ui
13
https://github.com/nodejs/undici
12
https://github.com/TryGhost/Ghost
12
https://github.com/backstage/backstage
12
https://github.com/laurent22/joplin
12
https://github.com/ckeditor/ckeditor4
12
https://github.com/patriksimek/vm2
12
https://github.com/jquery/jquery
11
https://github.com/NodeBB/NodeBB
11
https://github.com/nextauthjs/next-auth
10
https://github.com/keystonejs/keystone
10
https://github.com/evershopcommerce/evershop
9
https://github.com/vercel/next.js
9
https://github.com/pandao/editor.md
8
https://github.com/digitalbazaar/forge
8
https://github.com/sebhildebrandt/systeminformation
8
https://github.com/matrix-org/matrix-js-sdk
8
https://github.com/apollographql/apollo-server
8
https://github.com/stealjs/steal
8
https://github.com/kjur/jsrsasign
8
https://github.com/nocodb/nocodb
7
https://github.com/unshiftio/url-parse
7
https://github.com/ericcornelissen/shescape
7
https://github.com/louislam/uptime-kuma
7
https://github.com/twbs/bootstrap
7
https://github.com/matrix-org/matrix-appservice-irc
7
https://github.com/matrix-org/matrix-react-sdk
7
https://github.com/lodash/lodash
7
https://github.com/npm/node-tar
6
https://github.com/totaljs/framework
6
https://github.com/eclipse-theia/theia
6
https://github.com/DIYgod/RSSHub
6
https://github.com/facebook/hermes
6
https://github.com/jquery/jquery-ui
6
https://github.com/ionicabizau/parse-url
6
https://github.com/panva/jose
6
https://github.com/shenzhim/aaptjs
6
https://github.com/BlackFan/client-side-prototype-pollution
5
https://github.com/vitejs/vite
5
https://github.com/sweetalert2/sweetalert2
5
https://github.com/openpgpjs/openpgpjs
5
https://github.com/gatsbyjs/gatsby
5
https://github.com/faisalman/ua-parser-js
5
https://github.com/markedjs/marked
5
https://github.com/npm/cli
5
https://github.com/apostrophecms/sanitize-html
5
https://github.com/hacksparrow/safe-eval
5
https://github.com/handlebars-lang/handlebars.js
5
https://github.com/GoogleChrome/rendertron
5
https://github.com/vega/vega
5
https://github.com/ofirdagan/cross-domain-local-storage
4
https://github.com/angular/angular.js
4
https://github.com/cloudflare/workers-sdk
4
https://github.com/sidorares/node-mysql2
4
https://github.com/npm/npm
4
https://github.com/steveukx/git-js
4
https://github.com/socketio/engine.io
4
https://github.com/KaTeX/KaTeX
4
https://github.com/axios/axios
4
https://github.com/PrismJS/prism
4
https://github.com/xCss/Valine
4
https://github.com/mrvautin/expressCart
4
https://github.com/auth0/node-jsonwebtoken
4
https://github.com/follow-redirects/follow-redirects
4
https://github.com/balderdashy/sails
4
https://github.com/Dogfalo/materialize
4
https://github.com/aws/aws-iot-device-sdk-java-v2
4
https://github.com/auth0/lock
4
https://github.com/jhipster/generator-jhipster
4
https://github.com/yarnpkg/yarn
4
https://github.com/Ylianst/MeshCentral
4
https://github.com/jonschlinkert/remarkable
4
https://github.com/medialize/URI.js
4
https://github.com/medialize/uri.js
4
https://github.com/mde/ejs
4
https://github.com/fastify/fastify
4
https://github.com/hapijs/hapi
4
https://github.com/node-opcua/node-opcua
3
https://github.com/hapijs/subtext
3
https://github.com/transloadit/uppy
3
https://github.com/nodemailer/nodemailer
3
https://github.com/node-fetch/node-fetch
3
https://github.com/facebook/react
3
https://github.com/infor-design/enterprise-ng
3
https://github.com/highcharts/highcharts
3
https://github.com/nodejs/llhttp
3
https://github.com/sveltejs/kit
3
https://github.com/immerjs/immer
3
https://github.com/beerpwn/CVE
3
https://github.com/thlorenz/browserify-shim
3
https://github.com/kujirahand/nadesiko3
3
https://github.com/libxmljs/libxmljs
3
https://github.com/RIAEvangelist/node-ipc
3
https://github.com/renovatebot/renovate
3
https://github.com/moment/moment
3
https://github.com/docsifyjs/docsify
3
https://github.com/mongodb/js-bson
3
https://github.com/dojo/dojo
3
https://github.com/dojo/dojox
3
https://github.com/mongo-express/mongo-express
3
https://github.com/mozilla/node-convict
3
https://github.com/dwisiswant0/advisory
3
https://github.com/postcss/postcss
3
https://github.com/MrRio/jsPDF
3
https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable
3
https://github.com/n8n-io/n8n
3
https://github.com/nasa/openmct
3
https://github.com/neocotic/convert-svg
3
https://github.com/soketi/soketi
3
https://github.com/socketio/socket.io-parser
3
https://github.com/manuelstofer/json-pointer
3
https://github.com/skoranga/node-dns-sync
3
https://github.com/Marak/colors.js
3
https://github.com/chjj/marked
3
https://github.com/cisco/node-jose
3
https://github.com/ckeditor/ckeditor5
3
https://github.com/mariocasciaro/object-path
3
https://github.com/simpleledger/slpjs
3
https://github.com/clientIO/joint
3
https://github.com/gruntjs/grunt
3
https://github.com/feathersjs-ecosystem/feathers-sequelize
3
https://github.com/cure53/DOMPurify
3
https://github.com/salesforce/tough-cookie
3
https://github.com/mermaid-js/mermaid
3
https://github.com/NaturalIntelligence/fast-xml-parser
3
https://github.com/zeit/next.js
3
https://github.com/jquery-validation/jquery-validation
3
https://github.com/websockets/ws
3
https://github.com/jfhbrook/node-ecstatic
3
https://github.com/apostrophecms/apostrophe
3
https://github.com/webpack/loader-utils
3
https://github.com/auth0/passport-wsfed-saml2
3
https://github.com/jarofghosts/glance
3
https://github.com/adaltas/node-mixme
3
https://github.com/ua-parser/uap-core
3
https://github.com/vriteio/vrite
3
https://github.com/josdejong/mathjs
3
https://github.com/zestedesavoir/zmarkdown
3
https://github.com/vanessa219/vditor
3
https://github.com/Automattic/mongoose
3
https://github.com/vendure-ecommerce/vendure
3
https://github.com/xmldom/xmldom
3
https://github.com/typeorm/typeorm
3
https://github.com/YMFE/yapi
3
https://github.com/matrix-org/matrix-appservice-bridge
2
https://github.com/shelljs/shelljs
2
https://github.com/mathjax/MathJax
2
https://github.com/jsuites/jsuites
2
https://github.com/codecov/codecov-node
2
https://github.com/cloudhead/node-static
2
https://github.com/commenthol/safer-eval
2
https://github.com/commenthol/serialize-to-js
2
https://github.com/senchalabs/connect
2
https://github.com/semantic-release/semantic-release
2
https://github.com/vvakame/fs-git
2
https://github.com/peerigon/angular-expressions
2
https://github.com/ahdinosaur/set-in
2
https://github.com/peterbraden/node-opencv
2
https://github.com/josdejong/jsoneditor
2
https://github.com/mysqljs/mysql
2
https://github.com/cronvel/tree-kit
2
https://github.com/snyk/cli
2
https://github.com/karma-runner/karma
2
https://github.com/Finastra/ssr-pages
2
https://github.com/jonschlinkert/mixin-deep
2
https://github.com/manvel-khnkoyan/jpv
2
https://github.com/jwadhams/json-logic-js
2
https://github.com/justmoon/node-bignum
2
https://github.com/chocobozzz/peertube
2
https://github.com/chriso/validator.js
2
https://github.com/sindresorhus/semver-regex
2
https://github.com/christian-bromann/rgb2hex
2
https://github.com/sindresorhus/is-svg
2
https://github.com/yahoo/serialize-javascript
2
https://github.com/aFarkas/lazysizes
2
https://github.com/jonschlinkert/set-value
2
https://github.com/simpleledger/slp-validate.js
2
https://github.com/julianhille/MuhammaraJS
2
https://github.com/markdown-it/markdown-it
2
https://github.com/simonh1000/angular-http-server
2
https://github.com/marudor/libxmljs2
2
https://github.com/vivaxy/here
2
https://github.com/endojs/endo
2
https://github.com/Agoric/realms-shim
2
https://github.com/payloadcms/payload
2
https://github.com/guardian/html-janitor
2
https://github.com/jameswlane/status-board
2
https://github.com/amitmerchant1990/electron-markdownify
2
https://github.com/froala/wysiwyg-editor
2
https://github.com/mozilla/nunjucks
2
https://github.com/dfinity/agent-js
2
https://github.com/mithunsatheesh/node-rules
2